Latest News

Romance Scammer Sentenced to 25 Years for Hostage-Taking. The Venezuelan national lured US citizens via online dating and…

Threat actors with ties to the Democratic People's Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which made the discovery based on artifacts uploaded to the VirusTotal platform earlier this month, said the Flutter-built

Atlas Biomed, a DNA testing company that promised clients insights into their genetic disposition has suddenly disappeared.

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: TRO600 Series Vulnerabilities: Command Injection, Improper Removal of Sensitive Information Before Storage or Transfer 2. RISK EVALUATION Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows for the execution of arbitrary system commands. If exploited, an attacker with write access to the web UI can execute commands on the device with root privileges, far more extensively than the write privilege intends. Profile files from TRO600 series radios are extracted in plain-text and encrypted file formats. Profile files provide potential attackers valuable configuration information about the Tropos network. Profiles can only be exported by authenticated users with write access. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following products of Hitachi Energy are affected: Hitachi Energy TRO600 series firmware versions...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk View ME Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a local low-privileged user to escalate their privileges by changing the macro to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Rockwell Automation reports that the following versions of FactoryTalk Software are affected: FactoryTalk View ME, when using default folder privileges: v14.0 and prior 3.2 Vulnerability Overview 3.2.1 Improper Input Validation CWE-20 A remote code execution vulnerability exists in FactoryTalk View ME. The vulnerability allows users to save projects within the public directory allowing anyone with local access to modify and/or delete files. Additionally, a malicious user could potentially leverage this vulnerability to escalate their privileges by changing the macro to execute arbitrary code...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Subnet Solutions Equipment: PowerSYSTEM Center Vulnerabilities: Improper Restriction of XML External Entity Reference, Integer Overflow or Wraparound 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to cause an integer overflow on the affected device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of SUBNET PowerSYSTEM Center, an OT device management platform, are affected: PowerSYSTEM Center PSC 2020: v5.22.x and prior 3.2 Vulnerability Overview 3.2.1 Improper Restriction of XML External Entity Reference CWE-611 An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. CVE-2024-45490 has been assigned to this vulnerability. A CVSS v3.1 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). 3.2.2 Integer Overflow or ...

Donald Trump has vowed to deport millions and jail his enemies. To carry out that agenda, his administration will exploit America’s digital surveillance machine. Here are some steps you can take to evade it.

Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes. By leveraging behavioral insights during alert triage and investigation, SOCs can transform their workflows to become more

Privacy advocates worry banning masks at protests will encourage harassment, while cops’ high-tech tools render the rules unnecessary.

I transformed my English-language site avleonov.com. While my Russian-language site avleonov.ru was intended as a mirror of my Telegram channel @avleonovrus, I wasn’t sure how to move forward with the English-language site. 🤔 I’ve been running it since 2016. For a long time, it was my main VM blog. Since February 2020, I have been […]